Announcement

Collapse
No announcement yet.

Explicit permission to be required for cookie usage

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Explicit permission to be required for cookie usage

    Just heard about this on the radio:-

    http://www.bbc.co.uk/news/technology-12668552

    New net rules set to make cookies crumble

    Websites face restrictions on how they watch what their users do.

    How websites track visitors and tailor ads to their behaviour is about to undergo a big shake-up. From 25 May, European laws dictate that "explicit consent" must be gathered from web users who are being tracked via text files called "cookies". These files are widely used to help users navigate faster around sites they visit regularly. Businesses are being urged to sort out how they get consent so they can keep on using cookies.

    Track changes

    The changes are demanded by the European e-Privacy directive which comes into force in the UK in late May. The section of the directive dealing with cookies was drawn up in an attempt to protect privacy and, in particular, limit how much use could be made of behavioural advertising. This form of marketing involves people being tracked across websites, with their behaviour used to create a profile that dictates the type of adverts they see. As part of its work to comply with the directive, the IAB - an industry body that represents web ad firms - created a site that explains how behavioural advertising works and lets people opt out of it. The directive demands that users be fully informed about the information being stored in cookies and told why they see particular adverts. Specifically excluded by the directive are cookies that log what people have put in online shopping baskets. However, the directive is likely to have an impact on the more general use of cookies that remember login details and enable people to speed up their use of sites they visit regularly.

    (end)

    The radio interview with the information commissioner is not yet available on the BBC iplayer but as soon as it is I will post a link.

    Is Actinic aware of this, and are there any plans to implement something within the timescales mentioned on Radio 4, which were "approx September this year" ?

    Nick
    Fighting with sellerdeck on http://www.nickdobsonwines.co.uk

    #2
    I saw this too and was wondering about it.

    It's probably posted in the wrong forum though as it's not really V10 related or specific. Maybe the mods can move it.

    You've highlighted the bit that says

    Specifically excluded by the directive are cookies that log what people have put in online shopping baskets.
    So is there anything Actinic need to do on this?

    Mike

    PS. It all seems to be a bit rushed. The legislation is supposed by come into effect on May 25th, but it soulds as if they're still discussing the details and haven't yet published the regulations. Makes it hard to say what needs to be done by when.
    -----------------------------------------

    First Tackle - Fly Fishing and Game Angling

    -----------------------------------------

    Comment


      #3
      How will this affect Google Analytics?

      Will individual site owners be reponsible for warning people their site is using it?

      Comment


        #4
        I think Google analytics is a good question. I believe the driving force behind this is the tracking of what users are doing online and particularly the 'profiling' of users for advertising.

        I'd be surprised if Google analytics (and similar) isn't covered by the legislation. Presumably Analytics will need to pop up a question asking for permission before it can start to track the user.

        Mike
        -----------------------------------------

        First Tackle - Fly Fishing and Game Angling

        -----------------------------------------

        Comment


          #5
          Again I think the BBC are making the most out of this story - this is nothing new and cookies are just a small part of the whole directive.

          The full directive can be read here: http://eur-lex.europa.eu/LexUriServ/...2L0058:EN:HTML

          All that I believe will be required is for e-commerce sites to place a note on the page in the footer and/or perhaps or a link to a page that advises the visitor about data privacy and use of cookies advising that if they do not wish to be tracked then to please leave the site. Anything else is not practical.

          It seems like the EU have nothing better to do, no wonder they want so much of our money.

          Comment


            #6
            I can't see that using pop-ups will work. People have come to hate them and most browsers will block them.

            Comment


              #7
              What about deep linking? It surely can't be suggested that every page on a website has to have a prominent message - one on the home page would be OK and do-able easily but would that alone be accepted by the Information commissioner? It would be perfectly possible to deep link to my site and conclude a transaction without ever going near the home page or seeing a prominent warning. I'm sure most sites are like that. A footer might work implementationally - but again would it be considered good enough and "explicit"?

              Has there been any dialogue between Actinic and the Information Commissioner to see if this approach is acceptable? If there are valid reasons why it is impractical to do what has been suggested, then as a stakeholder representing many thousands of other Actinic-using stakeholders, I feel that is appropriate. Or we may all have a BIG problem later in the year.
              Fighting with sellerdeck on http://www.nickdobsonwines.co.uk

              Comment


                #8
                I don't see how this can be enforced or policed. Almost every internet site of any worth will have tracking of some nature. The directive should differentiate between real personal data and anonymous tracking data in my opinion. Just now we'll need PCI-DSS compliance to store cookies and collect tracking data.

                To try and bundle this with spyware trojans and the likes is ridiculous. How many millions. if not billions. of sites are there out there again?

                Comment


                  #9
                  All that I believe will be required is for e-commerce sites to place a note on the page in the footer and/or perhaps or a link to a page that advises the visitor about data privacy and use of cookies advising that if they do not wish to be tracked then to please leave the site. Anything else is not practical.
                  I'm not so sure on this. The key paragraph seems to be this one, where it seems to me that it's saying you have to ask for an informed consent or offer the opportunity to refuse the use of cookies in a user friendly manner.

                  (25) However, such devices, for instance so-called "cookies", can be a legitimate and useful tool, for example, in analysing the effectiveness of website design and advertising, and in verifying the identity of users engaged in on-line transactions. Where such devices, for instance cookies, are intended for a legitimate purpose, such as to facilitate the provision of information society services, their use should be allowed on condition that users are provided with clear and precise information in accordance with Directive 95/46/EC about the purposes of cookies or similar devices so as to ensure that users are made aware of information being placed on the terminal equipment they are using. Users should have the opportunity to refuse to have a cookie or similar device stored on their terminal equipment. This is particularly important where users other than the original user have access to the terminal equipment and thereby to any data containing privacy-sensitive information stored on such equipment. Information and the right to refuse may be offered once for the use of various devices to be installed on the user's terminal equipment during the same connection and also covering any further use that may be made of those devices during subsequent connections. The methods for giving information, offering a right to refuse or requesting consent should be made as user-friendly as possible. Access to specific website content may still be made conditional on the well-informed acceptance of a cookie or similar device, if it is used for a legitimate purpose.
                  Still. This is the stuff that the regulators will be discussing with industry on how it can be applied so I suspect it's still all up in the air with nothing decided yet.

                  Mike
                  -----------------------------------------

                  First Tackle - Fly Fishing and Game Angling

                  -----------------------------------------

                  Comment


                    #10
                    It annoys me the way things like this seem to happen and the arrogance of the people involved.

                    From the BBC website: http://www.bbc.co.uk/news/technology-12668552 ...

                    "It's going to happen and it's the law.”

                    Christopher Graham
                    Information Commissioner

                    Comment


                      #11
                      Originally posted by olderscot View Post
                      ...This is the stuff that the regulators will be discussing with industry on how it can be applied so I suspect it's still all up in the air with nothing decided yet.

                      Mike
                      Agreed, there appears to be nothing decided as to how this will happen but it is due to be law from 25 May.

                      Comment


                        #12
                        Seems we've opened a can of worms here and that some dialogue is needed quite quickly - if Actinic isn't part of "the industry" then I don't know who is!

                        It would surely be possible to force all users to login via a user account - and an appropriate warning could be presented at the login stage - but then where would we stand with deep-linking, and what would be the deterrent effect on simple browsing? I bet the number of visitors/sales would fall.
                        Fighting with sellerdeck on http://www.nickdobsonwines.co.uk

                        Comment


                          #13
                          Nothing other than what is referenced above is known at this stage. Frankly I don't believe anything will happen on 99.99% of sites other than perhaps a message on the page relating to the use of cookies and tracking information. The opt out is to leave the site.

                          It is not practical to use pop-ups or logins for this purpose. if enforced to the Nth degree then we would all be out of business, Google included.

                          Options are already included for users to reject or not accept cookies from within the browser.

                          Comment


                            #14
                            I'm sure that's right - and that they don't understand the issues they are attempting to regulate - but what is needed is recognition of that from the powers that be, hence my suggestion for dialogue to agree an approach. I imagine that any enforcement of this would possibly fall to Trading Standards, who will have even less understanding of the issues concerned and will go into jobsworth mode and simply declare sites to be non-compliant, then do all sorts of horrible things to us.

                            I don't think anyone, least of all Actinic, can afford to ignore this.
                            Fighting with sellerdeck on http://www.nickdobsonwines.co.uk

                            Comment


                              #15
                              The radio interview about this is now available on the BBC iPlayer:-

                              http://www.bbc.co.uk/iplayer/episode...ay_08_03_2011/

                              at 2 hrs 44 mins 40 secs.

                              Nick
                              Fighting with sellerdeck on http://www.nickdobsonwines.co.uk

                              Comment

                              Working...
                              X